Encrypting Local Data In Intel XDK

In this tutorial I will show how to secure your local data by encrypting. Encrypting local data is important for every apps perspective.

Securing Cookies, LocalStorage, IndexedDB and SessionStorage Data

Intel XDK Apps usually store a lots of data locally i.e., using Cookies, WebSQL, LocalStorage, IndexedDB and SessionStorage. The data stored using these mechanisms is not trusted. There are many different ways hackers can exploit our app and read the information stored in these places. Therefore we should encrypt all the data we store using these mechanisms.

Do not hardcode the encryption key. Hacker can reverse engineer your app and find the key. The key must be different for every user i.e., it should be produced based on user credentials. To decrypt or encrypt the stored message you can retrieve the key from server using TLS protected HTTP connection or else take the key input from user.

Securing Application Storage Files

Every Intel XDK apps gets a application storage space to store its files. The www directory is also stored in application storage. Files which we create our self using JavaScript can be encrypted by us. We need to encrypt the file data and then store it in the file. JavaScript files also have some critical application information. We cannot encrypt them as browser will not be able to decrypt automatically while interpreting. So avoid storing important information in JavaScript files.

To create code blocks or other preformatted text, indent by four spaces:

This will be displayed in a monospaced font. The first four
spaces will be stripped off, but all other whitespace
will be preserved.
Markdown is turned off in code blocks:
[This is not a link](http://example.com)